@contrast/agent 4.13.0 → 4.13.1

package/bootstrap.js

@@ -47,9 +47,8 @@ Module.runMain = async function (...args) {
     loader.logTime(appStartTime, 'application');
     loader.logTime(startTime, 'agent & application');
   } catch (err) {
-    // eslint-disable-next-line no-console
     console.error(err);
-    // eslint-disable-next-line no-process-exit
-    process.exit(-1);
+    process.exit(-1); // eslint-disable-line no-process-exit
+
   }
 };

package/esm.mjs

@@ -125,10 +125,15 @@ export async function load(url, context, defaultLoad) {
   const filename = fileURLToPath(url);
 
   try {
+    let result;
     const cached = helpers.find(agent, filename);
-    const source = cached || await readFile(filename, 'utf8');
-    const result = rewriter.rewriteFile(source, filename, { sourceType: type === 'commonjs' ? 'script' : 'module' });
-    helpers.cacheWithSourceMap(agent, filename, result);
+    if (cached) {
+      result = { code: cached };
+    } else {
+      const source = await readFile(filename, 'utf8');
+      result = rewriter.rewriteFile(source, filename, { sourceType: type === 'commonjs' ? 'script' : 'module' });  
+      helpers.cacheWithSourceMap(agent, filename, result);
+    }
     return { format: type, source: result.code };
   } catch (err) {
     logger.error(

package/lib/assess/membrane/debraner.js

@@ -14,8 +14,6 @@ Copyright: 2022 Contrast Security, Inc
 */
 'use strict';
 
-/* eslint-disable prettier/prettier */
-
 const { PROXY_TARGET } = require('../../constants');
 
 class Debraner {

package/lib/assess/membrane/index.js

@@ -152,12 +152,10 @@ class Membrane {
   }
 
   includes(object) {
-    // eslint-disable-next-line prettier/prettier
     return this.members.has(object) || this.members.has(Membrane.unwrap(object));
   }
 
   getMapping(object) {
-    // eslint-disable-next-line prettier/prettier
     return this.members.get(object) || this.members.get(Membrane.unwrap(object));
   }
 
@@ -422,7 +420,7 @@ function copyMetadata(tar, prop, metadata) {
   });
 
   if (!nm.path) {
-    nm.path = prop || `''`;
+    nm.path = prop || "''";
   } else if (nm.isArray) {
     nm.path += `[${prop}]`;
   } else if (prop) {

package/lib/assess/models/tag-range/util.js

@@ -158,7 +158,7 @@ function trim(list, start, stop) {
   return trimmedList;
 }
 
-/* eslint-disable complexity */
+// eslint-disable-next-line complexity
 function trimInPlace(list, start, stop) {
   if (start < 0) {
     logger.debug(
@@ -205,7 +205,6 @@ function trimInPlace(list, start, stop) {
     }
   }
 }
-/* eslint-enable complexity */
 
 /**
  * Returns a filtered lists of TagRanges by type

package/lib/assess/policy/util.js

@@ -12,6 +12,8 @@ Copyright: 2022 Contrast Security, Inc
   engineered, modified, repackaged, sold, redistributed or otherwise used in a
   way not consistent with the End User License Agreement.
 */
+'use strict';
+
 /**
  * Contains helper functions used to manage the policy
  * Management of hooked functions that are defined in assess policies(e.g. deadzone.json, propagators.json, rules.json)
@@ -184,7 +186,6 @@ utils.patch = function(obj, path, props, hookOptions) {
 // this triggers, it /should/ be patched anyways.
 const refs = new WeakSet();
 
-/* eslint-disable complexity */
 /**
  * Recursively patch all exports on objects and classes
  * note cyclomatic check disabled because there's no place to break
@@ -195,6 +196,7 @@ const refs = new WeakSet();
  * @param   {number}          depth       current recursion depth
  * @returns {Object|function}             returns original reference but patched
  */
+// eslint-disable-next-line complexity
 utils.patchRecursive = function(obj, hookOptions, depth) {
   let protoNeedsPatch = false;
   let propertyNames; // scoped value so that this doesn't need to be called twice.
@@ -242,7 +244,6 @@ utils.patchRecursive = function(obj, hookOptions, depth) {
 
   return obj;
 };
-/* eslint-enable complexity */
 
 /**
  * Patches either global module or a resolved

package/lib/assess/propagators/JSON/stringify.js

@@ -44,14 +44,12 @@ const patcher = require('../../../hooks/patcher');
 const { PATCH_TYPES } = require('../../../constants');
 
 function makeCanary() {
-  /* eslint-disable prettier/prettier */
   return crypto
-      .randomBytes(12)
-      .toString('base64')
-      // map regex special chars to other chars
-      .replace(/\+/g, '%')
-      .replace(/\//g, '#');
-  /* eslint-enable prettier/prettier */
+    .randomBytes(12)
+    .toString('base64')
+    // map regex special chars to other chars
+    .replace(/\+/g, '%')
+    .replace(/\//g, '#');
 }
 
 // read canary as if the word was "marker". it's just a string inserted into the values
@@ -233,8 +231,7 @@ module.exports.handle = function() {
           if (isString(value)) {
             // make skeletal version of valProperties with only the tagRanges prop.
             data.metadata[id] =
-              // eslint-disable-next-line prettier/prettier
-            { tagRanges: [new TagRange(0, value.length - 1, '')] };
+              { tagRanges: [new TagRange(0, value.length - 1, '')] };
             value = `${canary}${id}~${value}`;
             id++;
           }
@@ -333,7 +330,6 @@ module.exports.handle = function() {
       // this check is required only for tests, i believe. sourceEvents should
       // always exist, even if an empty array, for production code.
       if (metadata.sourceEvents && !metadata.sourceEvents.length) {
-        // eslint-disable-next-line prettier/prettier
         const { sourceEvents, braned } = data.metadata;
         if (braned) {
           sourceEvents.push(
@@ -381,7 +377,6 @@ module.exports.handle = function() {
       // we only find our marker at the start of a string value.
       canaryReplacementDiff += m.length - 1;
       for (const tr of metadata[id].tagRanges) {
-        // eslint-disable-next-line prettier/prettier
         tagRanges.push(new TagRange(tr.start + offset, tr.stop + offset, tr.tag));
       }
 

package/lib/assess/propagators/ajv/conditionals.js

@@ -31,7 +31,6 @@ function executeConditionals(schema) {
       // if the conditional has a validator to check its schema, do it.
       if (conditional.validator) {
         if (!conditional.validator(schema[key])) {
-          // eslint-disable-next-line prettier/prettier
           this.logger.trace(`conditional schema ${key} not valid`);
           continue;
         }
@@ -44,7 +43,6 @@ function executeConditionals(schema) {
   }
 
   if ('if' in schema) {
-    // eslint-disable-next-line prettier/prettier
     valid = handleIfThenElse.call(this, schema.if, schema.then, schema.else) && valid;
   }
 
@@ -158,7 +156,6 @@ const conditionalDispatch = new Map([
   ['allOf', { method: handleAllOf, validator: nonEmptyArray }]
 ]);
 
-/* eslint-enable prettier/prettier */
 const conditionals = [...conditionalDispatch.keys()];
 
 module.exports = {

package/lib/assess/propagators/ajv/json-schema-type-evaluators.js

@@ -32,12 +32,11 @@ function t_boolean(schema, ctx) {
   return typeof ctx.data === 'boolean';
 }
 
-/* eslint-disable complexity */
 //
 // type: number, integer
 //
+// eslint-disable-next-line complexity
 function t_number(schema, ctx) {
-  /* eslint-disable prettier/prettier */
 
   // ajv's number evaluation order
   // integer (if type: integer)
@@ -83,7 +82,6 @@ function t_number(schema, ctx) {
   if ('multipleOf' in schema && (ctx.data / schema.multipleOf) % 1 !== 0) {
     valid = false;
   }
-  /* eslint-enable prettier/prettier */
 
   return valid;
 }
@@ -91,6 +89,7 @@ function t_number(schema, ctx) {
 //
 // type: string
 //
+// eslint-disable-next-line complexity
 function t_string(schema, ctx) {
   // ajv's string evaluation order
   // maxLength
@@ -134,6 +133,7 @@ function t_string(schema, ctx) {
 //
 // type: array
 //
+// eslint-disable-next-line complexity
 function t_array(schema, ctx) {
   if (!Array.isArray(ctx.data)) {
     return false;
@@ -248,6 +248,7 @@ function elementsAreUnique(data) {
 //
 // type: object
 //
+// eslint-disable-next-line complexity
 function t_object(schema, ctx) {
   if (typeof ctx.data !== 'object') {
     return false;
@@ -431,6 +432,7 @@ function* matching(patternProps, prop, ctx) {
 //
 // type: object helper
 //
+// eslint-disable-next-line complexity
 function evaluateObjectDependencies(schema, ctx) {
   const deps = schema.dependencies;
   let valid = true;
@@ -455,7 +457,6 @@ function evaluateObjectDependencies(schema, ctx) {
       }
       // it's an array! if key is present in this.data then all the properties
       // enumerated in the array (they're strings) must be present in this.data.
-      // eslint-disable-next-line prettier/prettier
       if (key in ctx.data && !dep.every((requiredProp) => requiredProp in ctx.data)) {
         // allErrors: true - check ajv's handling
         valid = false;

package/lib/assess/propagators/ajv/refs.js

@@ -40,7 +40,7 @@ const { objectWalk, objectOnlyWalk } = require('./object-walk');
 // when userSchema sees '#/$defs/street' it tries to dereference it as a *local* reference
 // because it has lost the addressSchema context.
 //
-/* eslint-disable complexity */
+// eslint-disable-next-line complexity
 function evalInRefSchema(ref) {
   const ctx = this;
   const ix = ref.indexOf('#');
@@ -194,7 +194,6 @@ function findNoHashRef(ref, ctx) {
   // yes, really.
 
   // try simple path replacement first.
-  // eslint-disable-next-line node/no-deprecated-api
   const urlParts = url.parse(ref);
   if (schemaUrl && !urlParts.host && urlParts.path === ref) {
     const newRef = `${schemaUrl.origin}/${ref}`;

package/lib/assess/propagators/ajv/schema-context.js

@@ -19,8 +19,6 @@ const { evalInRefSchema } = require('./refs');
 const fastDeepEqual = require('fast-deep-equal');
 const { objectWalk } = require('./object-walk');
 
-/* eslint-disable complexity */
-
 class SchemaContext {
   constructor(shadow, schema, object, key, options) {
     const schemaName = schema.$id || '';
@@ -107,6 +105,7 @@ class SchemaContext {
    * @param {object} ctx context for the evaluation, as defined above in evaluate().
    * @returns {boolean} validation result
    */
+  // eslint-disable-next-line complexity
   evaluate(schema) {
     this.inferredType = false;
     // don't do any validation of strings if the schema is boolean. while
@@ -165,6 +164,7 @@ class SchemaContext {
     return false;
   }
 
+  // eslint-disable-next-line complexity
   typeSpecificEval(schema) {
     const { type } = this;
 
@@ -374,7 +374,6 @@ class SchemaContext {
 
 const t = require('./json-schema-type-evaluators');
 
-/* eslint-disable prettier/prettier */
 // map each JSON Schema type to the method name for it
 SchemaContext.typeDispatch = new Map([
   ['null', { method: t.null, enumerator: 'scalarEnum' }],

package/lib/assess/propagators/path/common.js

@@ -59,23 +59,31 @@ function splitString(str, win32) {
  * @param {number} offset offset of full arg from result of path.resolve
  * @param {string} segment path segment from one of the args to path.resolve
  */
-function getSegmentOffset({ str, evaluator }, offset, segment, win32) {
+// eslint-disable-next-line complexity
+function getSegmentOffset({ meta: { str, evaluator }, offset, segment, win32, validateAgainstResult }) {
   // as the segments in each arg and in the result get traversed,
   // winnow away the string to ensure we are finding the proper
   // segment within the path
   const substr = str.substring(offset);
-  let segmentOffset = substr.indexOf(segment);
+  const { sep } = path[win32 ? 'win32' : 'posix'];
+  let segmentOffset;
+  // Sometimes the segment starts with a separator, but the path method removes the initial separator if the path is not absolute
+  if (validateAgainstResult && segment.startsWith(sep) && offset == 0 && !['\\', '/', '.'].includes(substr[0]) && !['\\', '/'].includes(segment)) {
+    segment = segment.slice(1);
+  }
+  segmentOffset = substr.indexOf(segment);
+
   // If tracking separators, evaluator will fail on extensions
   if (substr === `.${segment}`) {
-    return segmentOffset + offset;
+    return { offset: segmentOffset + offset, value: segment };
   }
+
   // Adjust offset if the segment does not start with a separator
-  const { sep } = path[win32 ? 'win32' : 'posix'];
   if (substr.startsWith(sep) && !segment.startsWith(sep)) {
     segmentOffset--;
   }
 
-  return evaluator(segmentOffset) ? segmentOffset + offset : -1;
+  return { offset: evaluator(segmentOffset) ? segmentOffset + offset : -1, value: segment };
 }
 
 /**
@@ -215,15 +223,19 @@ function filterSegmentsAndCalculateOffset(
         additionalOffset = hasChange ? (sepAdded ? 1 : -1) : 0;
       }
 
-      const offset = getSegmentOffset(
-        resultMeta,
-        accumulator.offset + additionalOffset + accumulator.fileDotSeparator,
+
+      const validatedSegment = getSegmentOffset({
+        meta: resultMeta,
+        offset: accumulator.offset + additionalOffset + accumulator.fileDotSeparator,
         segment,
-        win32
-      );
+        win32,
+        validateAgainstResult: true
+      });
+
+      const { offset: segmentOffset, value: segmentValue } = validatedSegment;
 
       // no reason to proceed if segment is not in final result
-      if (offset === -1) {
+      if (segmentOffset === -1) {
         if (hasChange) {
           additionalOffset = 0;
           accumulator.isModified = false;
@@ -233,12 +245,11 @@ function filterSegmentsAndCalculateOffset(
       }
 
       // in case we have a file we need to increment the offset
-      if (resultMeta.str[offset + segment.length] === '.') {
+      if (resultMeta.str[segmentOffset + segmentValue.length] === '.') {
         accumulator.fileDotSeparator = 1;
       }
-
-      validSegments.push(segment);
-      accumulator.offset = calculateNewOffset(accumulator.offset, segment);
+      validSegments.push(validatedSegment);
+      accumulator.offset = calculateNewOffset(accumulator.offset, segmentValue);
       accumulator.isModified = true;
 
       return accumulator;
@@ -280,26 +291,20 @@ function adjustTagsToPart(resultMeta, argMeta, win32, data, index) {
   resultMeta.offset += additionalOffset;
 
   return segments.reduce((newTags, segment) => {
-    const offset = getSegmentOffset(
-      resultMeta,
-      resultMeta.offset,
-      segment,
-      win32
-    );
-
-    const argOffset = getSegmentOffset(argMeta, argMeta.offset, segment, win32);
+    const { offset, value: segmentValue } = segment;
+    const { offset: argOffset } = getSegmentOffset({ meta: argMeta, offset: argMeta.offset, segment: segmentValue, win32, validateAgainstResult: false });
 
     // updating the offset
-    resultMeta.offset = calculateNewOffset(resultMeta.offset, segment);
-    argMeta.offset = calculateNewOffset(argMeta.offset, segment);
+    resultMeta.offset = calculateNewOffset(resultMeta.offset, segmentValue);
+    argMeta.offset = calculateNewOffset(argMeta.offset, segmentValue);
 
     // in case we have a file we need to increment the offset
-    if (resultMeta.str[offset + segment.length] === '.') {
+    if (resultMeta.str[offset + segment.value.length] === '.') {
       resultMeta.offset += 1;
     }
 
     tagRanges.forEach((tag) => {
-      if (!isWithinTag(segment, argOffset, tag)) return;
+      if (!isWithinTag(segmentValue, argOffset, tag)) return;
 
       const start = adjustStart({
         tag,
@@ -310,7 +315,7 @@ function adjustTagsToPart(resultMeta, argMeta, win32, data, index) {
         tag,
         argOffset,
         offset,
-        segment
+        segment: segmentValue
       });
 
       newTags.push(new TagRange(start, stop, tag.tag));
@@ -327,6 +332,7 @@ function propagate({ resultMeta, data, win32 }) {
 
   data.args.forEach((arg, index) => {
     const argData = tracker.getData(arg);
+
     maybeUpdateResultMeta({ resultMeta, index, arg });
 
     const argMeta = {
@@ -354,7 +360,10 @@ function propagate({ resultMeta, data, win32 }) {
 }
 
 function getResultMeta(data, method) {
-  const offset = path.win32.isAbsolute(data.args[0]) ? 0 : process.cwd().length;
+  let offset = 0;
+  if (method === 'resolve' && !path.win32.isAbsolute(data.args[0])) {
+    offset = process.cwd().length;
+  }
 
   return {
     method: `path.${method}`,

package/lib/assess/propagators/path/resolve.js

@@ -19,6 +19,7 @@ const patcher = require('../../../hooks/patcher');
 const { PATCH_TYPES } = require('../../../constants');
 const { propagate, absolutePath, getResultMeta } = require('./common');
 
+
 /**
  * Entry point to propagator provider
  * This instruments path.resolve on

package/lib/assess/propagators/sequelize/utils.js

@@ -30,8 +30,7 @@ module.exports.isTracked = function isTracked(value) {
  * Function to get sql-string export. Caches the export on first call.
  */
 module.exports.getSequelizeString = function() {
-  // eslint-disable-next-line node/no-unpublished-require
-  const data = require('sequelize/lib/sql-string');
+  const data = require('sequelize/lib/sql-string'); // eslint-disable-line node/no-unpublished-require
   module.exports.getSequelizeString = () => data;
   return data;
 };

package/lib/assess/propagators/v8/init-hooks.js

@@ -14,7 +14,6 @@ Copyright: 2022 Contrast Security, Inc
 */
 'use strict';
 
-// eslint-disable-next-line no-unused-vars
 const logger = require('../../../core/logger')('contrast:v8:propagator');
 const tracker = require('../../../tracker');
 const patcher = require('../../../hooks/patcher');

package/lib/assess/static/hardcoded.js

@@ -22,7 +22,7 @@ const logger = require('../../core/logger')('contrast:rules:static');
 const _ = require('lodash');
 const generate = require('@babel/generator').default;
 const { createHash } = require('../../util/trace-util');
-const natives = process.binding('natives'); // eslint-disable-line node/no-deprecated-api
+const natives = process.binding('natives');
 
 module.exports = ({ agent }) => {
   const rule = {};
@@ -62,8 +62,8 @@ module.exports = ({ agent }) => {
       hash: createHash([ruleId, filename, lineNum]),
       // some empty props required for backwards compatibility
       props: {
-        value: "''", // eslint-disable-line
-        signature: "''", // eslint-disable-line
+        value: "''",
+        signature: "''",
         access: 1,
         name,
         className: '""',

package/lib/core/logger/debug-logger.js

@@ -311,8 +311,8 @@ class DebugLogFactory {
     logger.console = this.mute
       ? noop
       : function() {
-        return console.log(...arguments); // eslint-disable-line
-        };
+        return console.log(...arguments); // eslint-disable-line prefer-rest-params
+      };
 
     [...levelNames, 'console'].forEach((level) => {
       if (level === 'console') {

package/lib/core/stacktrace.js

@@ -65,7 +65,8 @@ class Factory {
         const eventFrames = [];
         const clsFrames = [];
         const callsites = Factory.generateCallsites(target);
-        /* eslint-disable complexity */
+
+        // eslint-disable-next-line complexity
         ret = (callsites || []).reduce((acc, callsite) => {
           if (Factory.isCallsiteValid(callsite)) {
             const frame = Factory.makeFrame(callsite);

package/lib/protect/analysis/aho-corasick.js

@@ -69,7 +69,7 @@ class AhoCorasick {
     this.state = 0;
   }
 
-  /* eslint-disable complexity */
+  // eslint-disable-next-line complexity
   buildAutomata() {
     // only the root state (state 0) to start with
     let stateCount = 1;

package/lib/protect/rules/nosqli/nosql-injection-rule.js

@@ -13,7 +13,6 @@ Copyright: 2022 Contrast Security, Inc
   way not consistent with the End User License Agreement.
 */
 'use strict';
-/* eslint-disable complexity */
 const _ = require('lodash');
 const util = require('util');
 
@@ -77,6 +76,7 @@ class NoSqlInjectionRule extends require('../') {
    * @param {SinkEvent} event             Emitted by database drivers/wrappers/ORMs
    * @param {Set}       applicableSamples set of Samples applicable to rule.
    */
+  // eslint-disable-next-line complexity
   evaluateAtSink({ event, applicableSamples }) {
     if (applicableSamples.size == 0 || !event.data) {
       return;

package/lib/protect/rules/rule-factory.js

@@ -45,7 +45,6 @@ const ctors = {
   [RULES.BOT_BLOCKER]: require('./bot-blocker/bot-blocker-rule'),
   [RULES.IP_DENYLIST]: require('./ip-denylist/ip-denylist-rule'),
   [RULES.VIRTUAL_PATCH]: require('./virtual-patch/virtual-patch-rule'),
-  /* eslint-enable */
 };
 
 class ProtectRuleFactory {

package/lib/reporter/speedracer/unknown-connection-state.js

@@ -46,28 +46,23 @@ class UnknownConnectionState extends BaseConnectionState {
    * @param {SpeedracerBaseMessage} message
    * @returns {Promise}
    */
-  send(message) {
-    const { speedracer } = this;
-    return new Promise(async (resolve, reject) => {
+  async send(message) {
+    try {
+      const clientResponse = await super.send(message);
+      this.speedracer.transitionConnectionState(SUCCESS);
+      return clientResponse;
+    } catch (err) {
+      // See if we need to start or wait for service
       try {
-        const clientResponse = await super.send(message);
-        speedracer.transitionConnectionState(SUCCESS);
-        resolve(clientResponse);
+        await this.handleSendFailure(err);
+        await this.retryInitialization();
+        const result = await this.speedracer.send(message);
+        return result;
       } catch (err) {
-        // See if we need to start or wait for service
-        try {
-          await this.handleSendFailure(err);
-          await this.retryInitialization();
-          // eslint-disable-next-line prettier/prettier
-          speedracer.send(message)
-            .then((r) => resolve(r))
-            .catch((e) => reject(e));
-        } catch (err) {
-          speedracer.transitionConnectionState(FAILURE);
-          reject(err);
-        }
+        this.speedracer.transitionConnectionState(FAILURE);
+        throw err;
       }
-    });
+    }
   }
 
   /**
@@ -106,25 +101,18 @@ class UnknownConnectionState extends BaseConnectionState {
    * messages.
    * @returns {Promise}
    */
-  retryInitialization() {
+  async retryInitialization() {
     const startup = this.speedracer.messageCache.get('startup');
     const appcreate = this.speedracer.messageCache.get('appcreate');
 
     if (!startup || !appcreate) return Promise.resolve();
 
-    return new Promise(async (resolve, reject) => {
-      this.speedracer.logger.debug(
-        'Sending initialization messages to service'
-      );
+    this.speedracer.logger.debug(
+      'Sending initialization messages to service'
+    );
 
-      try {
-        await this.speedracer.send(startup);
-        await this.speedracer.send(appcreate);
-        resolve();
-      } catch (err) {
-        reject(err);
-      }
-    });
+    await this.speedracer.send(startup);
+    await this.speedracer.send(appcreate);
   }
 
   /**

package/lib/reporter/translations/to-protobuf/settings/assess-features.js

@@ -36,7 +36,6 @@ function AssessFeatures({
   validatorScopes,
   validators = []
 } = {}) {
-  /* eslint-disable no-sparse-arrays, prettier/prettier */
   return new settings.AssessFeatures([
     enabled, //                                                   1              enabled
     dynamicSources, //                                            2      dynamic_sources
@@ -52,13 +51,12 @@ function AssessFeatures({
     validators.map(CustomRuleFeature).map(v => v.array), //      12           validators
     disabledRules, //                                            13       disabled_rules (deprecated)
     Sampling(sampling).array, //                                 14             sampling
-    , //                                                         15                    -
-    , //                                                         16                    -
-    , //                                                         17                    -
-    , //                                                         18                    -
+    undefined, //                                                15                    -
+    undefined, //                                                16                    -
+    undefined, //                                                17                    -
+    undefined, //                                                18                    -
     [] //                                                        19  dynamic_sources_map
   ]);
-  /* eslint-enable */
 }
 
 function AssessStacktrace(stacktraces) {

package/lib/util/get-file-type.js

@@ -19,27 +19,23 @@ const parent = require('parent-package-json');
 
 // eslint-disable-next-line complexity
 function getType(filename) {
-  const url = filename.startsWith('file://') ? filename : `file://${filename}`;
-
-  const { protocol, pathname } = new URL(url);
+  if (filename.startsWith('node:')) {
+    return 'builtin';
+  }
+  filename = filename.replace('file://', '');
 
   let parentType = 'commonjs';
   try {
-    parentType = parent(pathname).parse().type;
+    parentType = parent(filename).parse().type;
   } catch (err) {
     // Node assumes `commonjs ` if there's no `type` set in package.json
   }
 
-  if (protocol === 'node:') {
-    return 'builtin';
-  }
-  if (protocol === 'file:') {
-    const ext = path.extname(pathname);
-    if (ext === '.mjs' || (ext === '.js' && parentType === 'module')) {
-      return 'module';
-    } else if (ext === '.cjs' || (ext === '.js' && parentType !== 'module')) {
-      return 'commonjs';
-    }
+  const ext = path.extname(filename);
+  if (ext === '.mjs' || (ext === '.js' && parentType === 'module')) {
+    return 'module';
+  } else if (ext === '.cjs' || (ext === '.js' && parentType !== 'module')) {
+    return 'commonjs';
   }
   return 'unknown';
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/agent",
-  "version": "4.13.0",
+  "version": "4.13.1",
   "description": "Node.js security instrumentation by Contrast Security",
   "keywords": [
     "security",
@@ -29,8 +29,8 @@
   ],
   "scripts": {
     "docs": "jsdoc -c ../.jsdoc.json",
-    "release": "scripts/make-release.js",
-    "tag": "scripts/tag-release.js",
+    "release": "node scripts/make-release.js",
+    "tag": "node scripts/tag-release.js",
     "test:debug": "scripts/test.sh debug",
     "test": "scripts/test.sh",
     "test:screener": "mocha --parallel test/screener/**/*test.js",
@@ -117,14 +117,14 @@
   "devDependencies": {
     "@aws-sdk/client-dynamodb": "^3.39.0",
     "@bmacnaughton/string-generator": "^1.0.0",
-    "@contrast/eslint-config": "^3.0.0-beta.4",
+    "@contrast/eslint-config": "^3.0.0",
     "@contrast/fake-module": "file:test/mock/contrast-fake",
     "@contrast/screener-service": "^1.12.9",
     "@hapi/boom": "file:test/mock/boom",
     "@hapi/hapi": "file:test/mock/hapi",
     "@ls-lint/ls-lint": "^1.8.1",
-    "@typescript-eslint/eslint-plugin": "^5.12.0",
-    "@typescript-eslint/parser": "^5.12.0",
+    "@typescript-eslint/eslint-plugin": "^5.12.1",
+    "@typescript-eslint/parser": "^5.12.1",
     "ajv": "^8.5.0",
     "ast-types": "^0.12.4",
     "aws-sdk": "file:test/mock/aws-sdk",
@@ -142,10 +142,8 @@
     "ejs": "^3.1.6",
     "escape-html": "^1.0.3",
     "eslint": "^8.9.0",
-    "eslint-config-prettier": "^8.3.0",
     "eslint-plugin-mocha": "^10.0.3",
     "eslint-plugin-node": "^11.1.0",
-    "eslint-plugin-prettier": "^4.0.0",
     "express": "file:test/mock/express",
     "fetch-cookie": "^0.11.0",
     "form-data": "^3.0.0",
@@ -175,7 +173,6 @@
     "nyc": "^15.1.0",
     "pg": "file:test/mock/pg",
     "pino": "^6.7.0",
-    "prettier": "^2.5.1",
     "proxyquire": "^2.1.0",
     "qs": "^6.9.4",
     "rethinkdb": "file:test/mock/rethinkdb",

package/perf-logs.js

@@ -104,7 +104,6 @@ async function processFile(filename, filter, group) {
         continue;
       }
       if (!group) {
-        // eslint-disable-next-line no-console
         console.log(JSON.stringify(data, null, 4));
       } else {
         const key = filter
@@ -125,7 +124,6 @@ async function processFile(filename, filter, group) {
   }
 
   if (group) {
-    // eslint-disable-next-line no-console
     console.log(JSON.stringify(Object.values(merged), null, 4));
   }
 }
@@ -148,10 +146,9 @@ if (program.filter) {
   try {
     filterRegex = new RegExp(program.filter);
   } catch (e) {
-    // eslint-disable-next-line no-console
     console.error('invalid filter regex');
-    // eslint-disable-next-line no-process-exit
-    process.exit(-1);
+    process.exit(-1); // eslint-disable-line no-process-exit
+
   }
 }